Filtered by vendor Klogserver Subscriptions
Filtered by product Klog Server Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-3317 1 Klogserver 1 Klog Server 2024-11-21 8.8 High
KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on the original value of the source parameter.
CVE-2020-35729 1 Klogserver 1 Klog Server 2024-11-21 9.8 Critical
KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter.